Merge pull request #9 from hivetown/feat/credentialsMangement

Feat/credentials mangement

Author: RomuloNogueira02

databases/db1/.env.example

@@ -3,9 +3,9 @@ MYSQL_PASSWORD=mybackuppassword
 DATABASE=hivetown
 
 INSTANCE_NAME=vm-database-1
-INSTANCE_ZONE=eu-west4-a
+INSTANCE_ZONE=europe-west4-a
 PEER_INSTANCE_NAME=vm-database-2
-PEER_INSTANCE_ZONE=eu-west4-b
+PEER_INSTANCE_ZONE=europe-west4-b
 ALIAS_IP=10.0.128.10
 
 BACKUP_USER=romul

databases/db1/keepalived/.env.example

@@ -7,7 +7,7 @@ STATE=MASTER
 
 # Takeover
 INSTANCE_NAME=vm-database-1
-INSTANCE_ZONE=eu-west4-a
+INSTANCE_ZONE=europe-west4-a
 PEER_INSTANCE_NAME=vm-database-2
-PEER_INSTANCE_ZONE=eu-west4-b
+PEER_INSTANCE_ZONE=europe-west4-b
 ALIAS_IP=10.0.128.10

load-balancers/.env.example

@@ -4,17 +4,9 @@ ZOOKEEPER_HOSTS=10.0.4.2:2181
 # HaProxy
 HAPROXY_STATS_USERNAME=admin
 HAPROXY_STATS_PASSWORD=password
+HAPROXY_DATAPLANEAPI_USERNAME=dataplaneapiuser
 HAPROXY_DATAPLANEAPI_PASSWORD=dataplaneapipassword
 
 # Certbot
 CERTBOT_EMAIL=certs@hivetown.pt
 CERTBOT_DOMAINS=hivetown.pt,www.hivetown.pt
-
-# Keepalived
-UNICAST_SRC_IP=10.0.0.3
-UNICAST_PEER=10.0.0.2
-AUTH_PASS=123456
-STATE=MASTER
-HVT_PUBLIC_IP=34.90.28.85
-INSTANCE_NAME=loadbalancer-1
-INSTANCE_ZONE=eu-west4-a

load-balancers/haproxy.template.cfg

@@ -23,6 +23,7 @@ frontend hvt-frontend from hvt-defaults
     acl letsencrypt-acl path_beg /.well-known/acme-challenge/
     use_backend letsencrypt-backend if letsencrypt-acl
 
+    # Redirect to https if using http
     http-request redirect scheme https unless { ssl_fc }
 
     stats enable
@@ -35,6 +36,7 @@ frontend hvt-frontend from hvt-defaults
 
     default_backend hvt-web
 
+# Proxy to letsencrypt backend
 backend letsencrypt-backend from hvt-defaults
     server certbot host.docker.internal:8888
 
@@ -52,7 +54,7 @@ backend hvt-api from hvt-defaults
     http-request replace-path /api(/)?(.*) /\2
 
 userlist dataplane_users
-  user admin insecure-password ${HAPROXY_DATAPLANEAPI_PASSWORD}
+  user ${HAPROXY_DATAPLANEAPI_USERNAME} insecure-password ${HAPROXY_DATAPLANEAPI_PASSWORD}
 
 program api
   command /usr/bin/dataplaneapi --scheme http --host 0.0.0.0 --port 4444 --haproxy-bin /usr/local/sbin/haproxy --config-file /usr/local/etc/haproxy/haproxy.cfg --reload-cmd "kill -SIGUSR2 1" --reload-delay 5 --restart-cmd "kill -SIGUSR2 1" --userlist dataplane_users --write-timeout=120s --log-to=stdout --log-level=trace

load-balancers/keepalived/.env.example

@@ -4,8 +4,9 @@ UNICAST_SRC_IP=10.0.0.2
 UNICAST_PEER=10.0.0.3
 AUTH_PASS=123456
 STATE=MASTER
+PRIORITY=100
 
 # Takeover
 HVT_PUBLIC_IP=34.90.28.85
 INSTANCE_NAME=loadbalancer-1
-INSTANCE_ZONE=eu-west4-a
+INSTANCE_ZONE=europe-west4-a

load-balancers/keepalived/keepalived.template.conf

@@ -6,7 +6,7 @@ vrrp_instance floating_ip {
         ${UNICAST_PEER}
     }
     virtual_router_id 50
-    priority 100
+    priority ${PRIORITY}
     advert_int 1
     authentication {
         auth_type PASS

load-balancers/keepalived/takeover.sh

@@ -3,8 +3,7 @@
 # - $HVT_PUBLIC_IP: the public IP address
 # - $INSTANCE_NAME: the name of the host instance
 # - $INSTANCE_ZONE: the zone of the host instance
-# TODO! template em vez disto
-. .env
+. /etc/keepalived/.env
 
 # Get the instance that holds the public IP address - the one that is currently ACTIVE
 activeInstance=`gcloud compute instances list --project hivetown | grep $HVT_PUBLIC_IP`

load-balancers/service-discovery/src/index.py

@@ -6,7 +6,7 @@
 from RepeatTimer import RepeatTimer
 from datetime import datetime
 
-haproxy = Haproxy(getenv("HAPROXY_ADDRESS"), getenv("HAPROXY_USERNAME"), getenv("HAPROXY_PASSWORD"))
+haproxy = Haproxy(getenv("HAPROXY_ADDRESS"), getenv("HAPROXY_DATAPLANEAPI_USERNAME"), getenv("HAPROXY_DATAPLANEAPI_PASSWORD"))
 def applyTransaction():
     now = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
 

web-servers/api.env.example

@@ -1,6 +1,10 @@
+PORT=3000
 MIKRO_ORM_HOST=10.0.128.10
 MIKRO_ORM_PORT=3306
 MIKRO_ORM_USER=root
 MIKRO_ORM_PASSWORD=hello
 MIKRO_ORM_DB_NAME=hivetown
 MIKRO_ORM_DEBUG=false
+STRIPE_KEY=stripe_key
+STRIPE_WEBHOOK=stripe_webhook_url
+FRONTEND_URL=https://hivetown.pt

web-servers/docker-compose.yaml

@@ -13,9 +13,11 @@ services:
     restart: unless-stopped
     image: "luckspt/hivetown-web:latest"
     ports:
-      - "8081:8080"
-    environment:
-      - "PORT=8080"
+      - "8081:80"
+    env_file:
+      - web.env
+    depends_on:
+      - api
   service-discovery:
     depends_on:
       - api

web-servers/service-discovery/Dockerfile

@@ -9,6 +9,4 @@ RUN pip install -r requirements.txt
 # Copy the application files
 COPY src/ .
 
-ENV ZOOKEEPER_HOSTS 10.0.0.10:2181
-
 CMD ["python", "-u", "/app/index.py"]

web-servers/web.env.example

@@ -0,0 +1,7 @@
+VITE_API_URL='https://hivetown.pt/api'
+VITE_FIREBASE_API_KEY='an-example-api-key'
+VITE_FIREBASE_AUTH_DOMAIN='some-domain.firebaseapp.com'
+VITE_FIREBASE_PROJECT_ID='an-example-project-id'
+VITE_FIREBASE_STORAGE_BUCKET='some-domain.appspot.com'
+VITE_FIREBASE_MESSAGING_SENDER_ID='some-sender-id'
+VITE_FIREBASE_APP_ID='some-app-id'